Penetration Testing mailing list archives

RE: IIS & w2k

From: Yonatan Bokovza <Yonatan () xpert com>
Date: Mon, 4 Jun 2001 19:50:51 +0300

There's some newfound evil in win2k debug
registers, see:
http://www.securityfocus.com/bid/2764 

For further investigations regarding SQL see this list
archive.

Regards,
Yonatan Bokovza
Xpert Systems

-----Original Message-----
From: Luis Javier Perez [mailto:lperez () scitum com mx]
Sent: Monday, June 04, 2001 17:49
To: pen-test () securityfocus com
Subject: IIS & w2k

Hi everyone.

I'm actually doing a pt, and i'm facing a trouble, the 
scenario has a web
server with w2k and iis 5.0, now i have put netcat listening 
on port 99 and
i can browse files and stuff like that but i need to scale 
privileges, i
tried hk but it fails.. is there something like hk for win2k???
With the info i collected i noticed the server connects with 
a sql server..
how can i do to exploit the sql..

any help would be appreciated..

thanks..

Current thread:

IIS & w2k Luis Javier Perez (Jun 04)
- Re: IIS & w2k Tom Fischer (Jun 05)
- <Possible follow-ups>
- RE: IIS & w2k Read, Greg (Jun 04)
- RE: IIS & w2k Yonatan Bokovza (Jun 04)
- Re:IIS & w2k renato.ettisberger (Jun 05)